Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

RAT W32.Extrat Activity

Created: 30 Jan 2013 • Updated: 06 Feb 2013 | 4 comments
julrendo's picture
This issue has been solved. See solution.
good

I can indicate the date on which the attack was detected:

RAT W32.Extrat Activity

http://www.symantec.com/security_response/attacksi...

thank you very much

Comments 4 CommentsJump to latest comment

.Brian's picture

Yes the definition date is available on the link you posted. Are you having an issue with it?

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Mithun Sanghavi's picture

Hello,

Yes, W32.Extrat was discovered on November 12, 2012.

W32.Extrat is a worm that spreads by copying itself to removable drives and P2P networks. It also opens a back door and steals information from the compromised computer.

Check this - 

http://www.symantec.com/security_response/writeup.jsp?docid=2012-111221-3742-99

BLOG from Symantec Security Response Team

W32.Extrat: Syrian Conflict Used To Deliver Xtreme RAT

http://bit.ly/WJB1Mt

Hope that helps!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.

SOLUTION
SebastianZ's picture

The current definitions should clean up this threat, are you having any issues with the threat not being detected?